After part 1 with the initial setup, we want to handle the client on our site and check their paypal status when they visit their internal profile page.
To do so, we need to send a request to Paypal and receive the status of the subscription of this specific client.
This is how:
// paypal subscriptions via API
// note: we have stored the payerid (subscription_id) of the user in our database, see part 1
if(!empty($payerid))
{
$accesstoken = paypal_get_accesstoken();
/*
APPROVAL_PENDING. The subscription is created but not yet approved by the buyer.
APPROVED. The buyer has approved the subscription.
ACTIVE. The subscription is active.
SUSPENDED. The subscription is suspended.
CANCELLED. The subscription is cancelled.
EXPIRED. The subscription is expired.
*/
$paypal_status = paypal_subscription_get_status($payerid, $accesstoken);
if($paypal_status=='ACTIVE')
{
echo '<p>Paypal-Subscription: Active</p>';
}
// $paypal_status: SUSPENDED, CANCELLED, EXPIRED
else
{
// inactive paypal subscription
}
}
The essential PHP functions to make the code above work:
- paypal_get_accesstoken();
- paypal_subscription_get_status($subscriptionid, $accesstoken);
// https://developer.paypal.com/docs/api/get-an-access-token-curl/
// get paypal access token
function paypal_get_accesstoken()
{
$accesstoken = '';
// sandbox credentials from https://developer.paypal.com/developer/applications/
$clientid = "AYkqPe4ShL6LVIOBssEevGFESh0eQytkO5MoAbbMp7le1HlLGkmNGxIfsdfasdfsdQbEsfasdf12345";
$secret = "EJr5Y-MoCsdfsdfsdfsvqBusdfasdfsdfsfsdfsdfsdfsdfsdsQqy_fsdf12345";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.sandbox.paypal.com/v1/oauth2/token"); // Sandbox
// curl_setopt($ch, CURLOPT_URL, "https://api.paypal.com/v1/oauth2/token"); // LIVE
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, $clientid.":".$secret);
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=client_credentials");
$response = curl_exec($ch);
if(empty($response))
{
die("Error: No response.");
return;
}
else
{
$json = json_decode($response);
$accesstoken = $json->access_token;
// var_dump('TOKEN: '.$accesstoken);
}
curl_close($ch);
return $accesstoken;
}
// https://developer.paypal.com/docs/subscriptions/full-integration/subscription-management/
function paypal_subscription_get_status($subscriptionid, $accesstoken)
{
// client subscription ID, example ID from customer: I-WB34K81SW1XX
if(empty($subscriptionid) || empty($accesstoken))
{
return;
}
$headers = [
'Authorization: Bearer '.$accesstoken,
'Content-Type: application/json'
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api-m.sandbox.paypal.com/v1/billing/subscriptions/".$subscriptionid);
// curl_setopt($ch, CURLOPT_URL, "https://api-m.paypal.com/v1/billing/subscriptions/".$subscriptionid); // LIVE
curl_setopt($ch, CURLOPT_POST, 0); // important: GET not POST, otherwise error
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$response = curl_exec($ch);
// $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); // 200
if(curl_errno($ch))
{
var_dump( 'ERROR: '.curl_error($ch) );
}
$json = json_decode($response);
/*
APPROVAL_PENDING. The subscription is created but not yet approved by the buyer.
APPROVED. The buyer has approved the subscription.
ACTIVE. The subscription is active.
SUSPENDED. The subscription is suspended.
CANCELLED. The subscription is cancelled.
EXPIRED. The subscription is expired.
*/
// https://developer.paypal.com/docs/api/subscriptions/v1/#subscriptions_get
$subscription_status = $json->status;
return $subscription_status;
}
Now we are able to generate the access token to access the Paypal API, and we can get the status of the subscription.
NOTE: You can go live now.
What does that mean:
1. Open developer.paypal.com, switch from Sandbox to Live and create the app according to the sandbox app, you receive LIVE credentials
2. Don't forget to also add the webhook URL (bottom of page)
Javascript/PHP Code:
3. Replace all sandbox URLs (REST API) with the live URLs (in most case you only have to remove "sandbox.")
4. Use all LIVE products/plans.
5. Use the LIVE client id and client secret.
6. So yes, go through all code again and make sure you have changed all of them.
Good luck my friends!
In part 3 we see how we can cancel (suspend/pause) a paypal subscription.
